Spot instances frequently terminated in AWS auto scaling group (failing system health check)@DerekMorrison - I see; the spot price history for m3.xlarge in us-east-1 has been >= $1 in the last weeks in some AZs in fact (please beware of the difference between EC2 classic and VPC in this regard), but given your extensive debugging effort, you have presumably looked very closely already ;) - I've updated my answer with another frequently encountered reason for spot instance terminations and options how to gain more insight into the actual cause by tracking your spot request bids.

Mar19

comment

AWS IAM user access issues for S3According to Sid, it is is an optional identifier that you provide for the policy statement, which must be unique within a policy. Given it seems to work fine w/o (but see below), I tend to remove it here for brevity and when versionizing policies, but do not bother when generating policies automatically for example - however, as per the subsequent Note: Some AWS services (for example, Amazon SQS or Amazon SNS) might require this element [...].

AWS Cloud Formation.Requires capabilities : [CAPABILITY_IAM] (Child Stack)Thanks for following up with your discoveries - this seems to match previous observations of mine, but ironically we seem to encounter the inverse behavior as of recently, i.e. CAPABILITY_IAM is now always required once a sub stack resource is involved, even if it doesn't create IAM resources (e.g. the Nesting a Stack in a Template example exposes this behavior, and this happens at the API level). Unfortunately this obstructs other use cases now - has AWS contacted you about this change?

How to address an EC2 instance from both inside and outside datacenter?@MichaelHampton - Ah right, I've overlooked that Alexandr is planning to use his own A record indeed (rather than a CNAME for the AWS one for example); in this case your suggestion is obviously spot on regarding the desirable routing and cost benefits implied when using the internal IP address where possible, sorry for the sloppy assessment of the question at hand.

Amazon SES domain verification TXT DNS record@Skittles - Also, I even assumed I might had misunderstood your issue in the first place and still tried to assemble relevant information; and I continued to do this by recommending Route 53 once the actual issue surfaced in your comment. The two things I tried to get across are simply a) your registrar has unusual deficits in his DNS console, which are hard to impossible to diagnose/address without further details from them, and b) you missed to state that problem in your question. The goal of the latter is simply to improve on that in the future for the benefit of all participants.

Dec9

comment

Amazon SES domain verification TXT DNS record@Skittles - You response is quite inappropriate, I haven't stated RTFM anywhere in my post, rather tried to link to relevant information, as I always do. Have you even considered how much time it took me to assemble this post like so in order to help you? I've clearly stated how to properly format a standardTXT record - please reconsider: it is impossible to deduce the absence of the required Name field in your registrars DNS console from your sentence "Is this how you would make the TXT record properly?"! How should I figure that your registrar is hiding a crucial part?

Dec9

comment

Amazon SES domain verification TXT DNS record@Skittles - How could I possibly have figured this essence from your post, after all you've left out exactly the key information of this being an issue with your specific registrar rather than with SES and/or TXT records in general? I'm not able to help you with this unusual DNS management setup (and I doubt someone else will) - if their support isn't able to explain how to create standard TXT records, I can only recommend switching your DNS to e.g. Amazon Route 53, which has a decent record management UI and API (I've never looked back myself ...).

Dec6

comment

Is there a Windows equivalent of Unix 'CPU steal time'?+1 for the thorough exploration indeed, highly appreciated. So regarding EC2 this apparently boils down to Unix/Linux guests running in Xen paravirtual mode, which is a paravirtualized domain (i.e. not full virtualization, the guest OS is modified to run on the host), where steal time is available, vs. Windows/FreeBSD/... guests running in Xen HVM, which is a hardware emulated domain (i.e. the guest OS is unmodified to run on the host), where it apparently isn't - so a definite negative answer, guess that's what counts. Do I read you correctly that it could get added eventually?